urlscan.io logo urlscan.io
SecurityTrails logo

advicetosinkinslowly.net Open in urlscan Pro
104.21.64.209  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://the-constituent.com/
Effective URL: https://advicetosinkinslowly.net/
Submission: On November 02 via api from US — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 3 countries across 10 domains to perform 18 HTTP transactions. The main IP is 104.21.64.209, located in and belongs to CLOUDFLARENET, US. The main domain is advicetosinkinslowly.net.
TLS certificate: Issued by WE1 on October 18th 2024. Valid for: 3 months.
This is the only time advicetosinkinslowly.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 188.114.97.3 13335 (CLOUDFLAR...)
1 1 104.21.32.87 13335 (CLOUDFLAR...)
1 1 104.21.0.197 13335 (CLOUDFLAR...)
1 1 104.21.17.64 13335 (CLOUDFLAR...)
1 10 188.114.96.3 13335 (CLOUDFLAR...)
1 1 172.67.162.65 13335 (CLOUDFLAR...)
1 104.21.64.209 13335 (CLOUDFLAR...)
8 142.250.186.129 15169 (GOOGLE)
18 4
1    188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
the-constituent.com
1    104.21.32.87 (None, )

ASN13335 (CLOUDFLARENET, US)
dartzgrupa.com
1    104.21.0.197 (None, )

ASN13335 (CLOUDFLARENET, US)
afdah.pro
1    104.21.17.64 (None, )

ASN13335 (CLOUDFLARENET, US)
www.hiltonsky.com
10    188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
www.jerseygirl-movie.com
imgsaya2.io
imgsaya.io
1    172.67.162.65 (United States)

ASN13335 (CLOUDFLARENET, US)
chatgpt-apk.com
1    104.21.64.209 (None, )

ASN13335 (CLOUDFLARENET, US)
advicetosinkinslowly.net
8    142.250.186.129 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f1.1e100.net
cdn.ampproject.org
Apex Domain
Subdomains		 Transfer
8 imgsaya2.io
imgsaya2.io — Cisco Umbrella Rank: 503349
297 KB
8 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 517
114 KB
1 imgsaya.io
imgsaya.io — Cisco Umbrella Rank: 226122
372 KB
1 advicetosinkinslowly.net
advicetosinkinslowly.net
13 KB
1 chatgpt-apk.com
chatgpt-apk.com
722 B
1 jerseygirl-movie.com
www.jerseygirl-movie.com
693 B
1 hiltonsky.com
www.hiltonsky.com
983 B
1 afdah.pro
afdah.pro
966 B
1 dartzgrupa.com
dartzgrupa.com
964 B
1 the-constituent.com
the-constituent.com
685 B
18 10
Domain Requested by
8 imgsaya2.io advicetosinkinslowly.net
8 cdn.ampproject.org advicetosinkinslowly.net
cdn.ampproject.org
1 imgsaya.io advicetosinkinslowly.net
1 advicetosinkinslowly.net
1 chatgpt-apk.com 1 redirects
1 www.jerseygirl-movie.com 1 redirects
1 www.hiltonsky.com 1 redirects
1 afdah.pro 1 redirects
1 dartzgrupa.com 1 redirects
1 the-constituent.com 1 redirects
18 10

This site contains links to these domains. Also see Links.

Domain
linkrjb.me
Subject Issuer Validity Valid
advicetosinkinslowly.net
WE1		 2024-10-18 -
2025-01-16		 3 months crt.sh
misc-sni.google.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
imgsaya2.io
WE1		 2024-09-15 -
2024-12-14		 3 months crt.sh
imgsaya.io
WE1		 2024-09-07 -
2024-12-06		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://advicetosinkinslowly.net/
Frame ID: CA86F6C9E5771B6A48EA8A156B44525D
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

RAJABANDOT â™ â™  Bandar Toto Macau & Situs Togel Online Terpercaya dengan Jaminan Pembayaran Lunas Se-Asia

Page URL History Show full URLs

  1. http://the-constituent.com/ HTTP 307
    https://the-constituent.com/ HTTP 301
    https://dartzgrupa.com/ HTTP 301
    https://afdah.pro/ HTTP 301
    https://www.hiltonsky.com/ HTTP 301
    https://www.jerseygirl-movie.com/ HTTP 301
    https://chatgpt-apk.com/ HTTP 301
    https://advicetosinkinslowly.net/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel="amphtml"

Page Statistics

18
Requests

100 %
HTTPS

0 %
IPv6

10
Domains

10
Subdomains

4
IPs

3
Countries

796 kB
Transfer

1164 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://the-constituent.com/ HTTP 307
    https://the-constituent.com/ HTTP 301
    https://dartzgrupa.com/ HTTP 301
    https://afdah.pro/ HTTP 301
    https://www.hiltonsky.com/ HTTP 301
    https://www.jerseygirl-movie.com/ HTTP 301
    https://chatgpt-apk.com/ HTTP 301
    https://advicetosinkinslowly.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
advicetosinkinslowly.net/
Redirect Chain
  • http://the-constituent.com/
  • https://the-constituent.com/
  • https://dartzgrupa.com/
  • https://afdah.pro/
  • https://www.hiltonsky.com/
  • https://www.jerseygirl-movie.com/
  • https://chatgpt-apk.com/
  • https://advicetosinkinslowly.net/
71 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://advicetosinkinslowly.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.64.209 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
f335a4cc41b640a617f68f0b0414353e9c9f2f81f2147064aa75afdb4d4039da

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=3600
cf-cache-status
DYNAMIC
cf-ray
8dc0da230d26b93c-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 02 Nov 2024 02:56:33 GMT
expires
Sat, 02 Nov 2024 03:56:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9jg50Y%2FXVXhLyFHVeT46WlfGsyC4d1uPDc%2BqRxfkDm%2FBjtFodsdR2UxC195nvM3g1Fye39UjTfgtbwaNSP55RZmwOJ0BBLQo0eEKlNAAMpazdphtAmbRHIL6azQghUzkMe7WPOOBgWIh5kY%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=12539&sent=11&recv=9&lost=0&retrans=0&sent_bytes=4154&recv_bytes=4444&delivery_rate=47410&cwnd=12000&unsent_bytes=0&cid=01aaee7c1f3fd80c&ts=50&x=1" cfExtPri cfHdrFlush;dur=0
vary
Accept-Encoding
x-powered-by
PHP/7.4.33

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=3600
cf-cache-status
DYNAMIC
cf-ray
8dc0da229d0e0bed-AMS
content-type
text/html; charset=iso-8859-1
date
Sat, 02 Nov 2024 02:56:33 GMT
expires
Sat, 02 Nov 2024 03:56:33 GMT
location
https://advicetosinkinslowly.net/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qPLh%2FC2F0Z3ghyjuxO9xmeV%2BvYhPOLArfszmWnK%2FzZ01lfEVMF6asHOKm5LxFWtXk9q%2F8xg5erastnx3Ipxsuf3wd9yz4ob3%2F1nk2Lw%2FK88S8UK6EQLARYLBL6hIB3bXwrw%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=12382&sent=11&recv=9&lost=0&retrans=0&sent_bytes=4138&recv_bytes=4437&delivery_rate=47091&cwnd=12000&unsent_bytes=0&cid=e0e46ac27aaa8621&ts=37&x=1" cfExtPri cfHdrFlush;dur=0
x-frame-options
SAMEORIGIN
v0.mjs
cdn.ampproject.org/ 		223 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0.mjs
Requested by
Host: advicetosinkinslowly.net
URL: https://advicetosinkinslowly.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f1.1e100.net
Software
sffe /
Resource Hash
6135fb9bc76250a8f91bbf718b8c6b3dcccaf10584fb76ec8741befd180dbd51
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://advicetosinkinslowly.net
Referer
https://advicetosinkinslowly.net/

Response headers

content-encoding
br
etag
"23abcdba7c36547b"
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options
nosniff
expires
Sat, 02 Nov 2024 02:56:33 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 02 Nov 2024 02:56:33 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control
private, max-age=3000, stale-while-revalidate=1206600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
content-length
63634
x-xss-protection
0
server
sffe
amp-carousel-0.1.mjs
cdn.ampproject.org/v0/ 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-carousel-0.1.mjs
Requested by
Host: advicetosinkinslowly.net
URL: https://advicetosinkinslowly.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f1.1e100.net
Software
sffe /
Resource Hash
0eff859941223b1a5a17536f500f2be21b754e18df4b7de2eee99ce1e10138c7
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://advicetosinkinslowly.net
Referer
https://advicetosinkinslowly.net/

Response headers

content-encoding
br
etag
"c253b00fef12ae1d"
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options
nosniff
expires
Sat, 02 Nov 2024 02:56:33 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 02 Nov 2024 02:56:33 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control
private, max-age=604800, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
content-length
10071
x-xss-protection
0
server
sffe
amp-install-serviceworker-0.1.mjs
cdn.ampproject.org/v0/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-install-serviceworker-0.1.mjs
Requested by
Host: advicetosinkinslowly.net
URL: https://advicetosinkinslowly.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f1.1e100.net
Software
sffe /
Resource Hash
8b725438c1c1f0a85d7c2b41d3fa8afc7866bf78963267731fac64f81f6a47ed
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://advicetosinkinslowly.net
Referer
https://advicetosinkinslowly.net/

Response headers

content-encoding
br
etag
"bca1f2c820cc4bf7"
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options
nosniff
expires
Sat, 02 Nov 2024 02:56:33 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 02 Nov 2024 02:56:33 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control
private, max-age=604800, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
content-length
2377
x-xss-protection
0
server
sffe
amp-youtube-0.1.mjs
cdn.ampproject.org/v0/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-youtube-0.1.mjs
Requested by
Host: advicetosinkinslowly.net
URL: https://advicetosinkinslowly.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f1.1e100.net
Software
sffe /
Resource Hash
5835b812908b67653a604b4ac6713ebca55c1fdcfa777a96ef4d112dab56daf2
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://advicetosinkinslowly.net
Referer
https://advicetosinkinslowly.net/

Response headers

content-encoding
br
etag
"6246fd14d969c6ba"
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options
nosniff
expires
Sat, 02 Nov 2024 02:56:33 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 02 Nov 2024 02:56:33 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control
private, max-age=604800, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
content-length
10312
x-xss-protection
0
server
sffe
amp-accordion-0.1.mjs
cdn.ampproject.org/v0/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-accordion-0.1.mjs
Requested by
Host: advicetosinkinslowly.net
URL: https://advicetosinkinslowly.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f1.1e100.net
Software
sffe /
Resource Hash
dd95032c7e8506b3c35b84034130fa2d3ac15e448c4bd489716d50d664c94c33
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://advicetosinkinslowly.net
Referer
https://advicetosinkinslowly.net/

Response headers

content-encoding
br
etag
"8f56f63035ed093e"
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options
nosniff
expires
Sat, 02 Nov 2024 02:56:33 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 02 Nov 2024 02:56:33 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control
private, max-age=604800, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
content-length
4858
x-xss-protection
0
server
sffe
luckyneko.webp
imgsaya2.io/images/2024/10/01/ 		71 KB
72 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgsaya2.io/images/2024/10/01/luckyneko.webp
Requested by
Host: advicetosinkinslowly.net
URL: https://advicetosinkinslowly.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30701e604ead905f4bd813d40921098f1025d7e7846fc6d5865912c54d908166

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://advicetosinkinslowly.net/

Response headers

cache-control
max-age=1200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
HIT
etag
"11c5e-62363ff673dd4"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LFZUDelVXUJ7BPdQTN1ABj%2Fm4lfwU1QXL9aBNiTK9PSYPVjfXwbCTMRl9Y5eu9C3OXhvL7aUUJTPTYFrTeb9K%2FZz8wLoI%2BfV%2BvunDiQUygYlW66uYNEjXhwmxUYAZg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8dc0da23ac6e9f8e-AMS
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=13975&sent=12&recv=14&lost=0&retrans=0&sent_bytes=4176&recv_bytes=5896&delivery_rate=695&cwnd=12000&unsent_bytes=0&cid=3b6e93ba10df4f61&ts=211&x=1", cfExtPri, cfHdrFlush;dur=0
content-length
72798
date
Sat, 02 Nov 2024 02:56:34 GMT
last-modified
Tue, 01 Oct 2024 05:57:33 GMT
vary
Accept-Encoding
server
cloudflare
priority
u=2,i
enter.png
imgsaya2.io/images/2024/10/09/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgsaya2.io/images/2024/10/09/enter.png
Requested by
Host: advicetosinkinslowly.net
URL: https://advicetosinkinslowly.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
728a6f51caf67cbf0652c3074ef56768ca4b6e8b838ba0a369cf460e847d60e7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://advicetosinkinslowly.net/

Response headers

cf-cache-status
HIT
etag
"2d66-62408fb28de74"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iQ8lwrXGGoO3DGwebfM86aFO605Wl4zr%2ByUdOQv5Ijs9ZJ5opp1c1MqM4TN%2BRbKhEhyrHAPpdFkFK1kMXtc54pS1Qpt%2BZ5TBCYKUvkfMCHc671m8X6DcrF7GZivbrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=13503&sent=200&recv=71&lost=0&retrans=0&sent_bytes=224255&recv_bytes=8718&delivery_rate=5680915&cwnd=93600&unsent_bytes=0&cid=3b6e93ba10df4f61&ts=544&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 02 Nov 2024 02:56:34 GMT
content-type
image/png
last-modified
Wed, 09 Oct 2024 10:47:32 GMT
vary
Accept-Encoding
priority
u=2,i
cache-control
max-age=1200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8dc0da23ac709f8e-AMS
accept-ranges
bytes
content-length
11622
server
cloudflare
plus.png
imgsaya2.io/images/2024/10/09/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgsaya2.io/images/2024/10/09/plus.png
Requested by
Host: advicetosinkinslowly.net
URL: https://advicetosinkinslowly.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ae73a7b55f88cd92ac63544aa533ebe1b48fe904564c2c3b18ba123b087f1a7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://advicetosinkinslowly.net/

Response headers

cf-cache-status
HIT
etag
"28d8-62408fb25f06f"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eK8L7xdcEjtvvSH1kP3ea3StwQQh%2F0Cf4tCaPL8rWViU7W5PDQlAiX%2Bmfyy8zqkKrQLa0KP0DTCMPsMW05GFE1DHceilwCt%2FgJ4RP8rcun5gGCDT5AdcividhdfNZg%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=13503&sent=211&recv=71&lost=0&retrans=0&sent_bytes=236794&recv_bytes=8718&delivery_rate=5680915&cwnd=93600&unsent_bytes=0&cid=3b6e93ba10df4f61&ts=548&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 02 Nov 2024 02:56:34 GMT
content-type
image/png
last-modified
Wed, 09 Oct 2024 10:47:32 GMT
vary
Accept-Encoding
priority
u=2,i
cache-control
max-age=1200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8dc0da23ac729f8e-AMS
accept-ranges
bytes
content-length
10456
server
cloudflare
promo.png
imgsaya2.io/images/2024/10/09/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgsaya2.io/images/2024/10/09/promo.png
Requested by
Host: advicetosinkinslowly.net
URL: https://advicetosinkinslowly.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac63fa61e61c45bb2f5035a145f9d3dd1b5a9575d29f7040951f936642a435f2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://advicetosinkinslowly.net/

Response headers

cf-cache-status
HIT
etag
"3745-62408fb1f4944"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vecmHCGlJHPNzXjYSuCYXqbrJ7LazJInun1sNirzvb7k6SNTse%2FagDmLtqQs7vK4jbQiMa%2BMsfAlsANICRLRssN2pNtfKpvq1NhFh0Tuyo5ictzoFrwk2uB7sIfZEg%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=13975&sent=23&recv=15&lost=0&retrans=0&sent_bytes=16200&recv_bytes=6259&delivery_rate=695&cwnd=12000&unsent_bytes=0&cid=3b6e93ba10df4f61&ts=220&x=1", cfExtPri, cfHdrFlush;dur=4
date
Sat, 02 Nov 2024 02:56:34 GMT
content-type
image/png
last-modified
Wed, 09 Oct 2024 10:47:31 GMT
vary
Accept-Encoding
priority
u=2,i
cache-control
max-age=1200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8dc0da23ac6a9f8e-AMS
accept-ranges
bytes
content-length
14149
server
cloudflare
cs.png
imgsaya2.io/images/2024/10/09/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgsaya2.io/images/2024/10/09/cs.png
Requested by
Host: advicetosinkinslowly.net
URL: https://advicetosinkinslowly.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca04e0f86d3eaa2313bae993647bcfa16c8b7480e1f48a790b3b11f81937dc3a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://advicetosinkinslowly.net/

Response headers

cf-cache-status
HIT
etag
"325b-62408fb23026a"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0AZvBidNQUhMPCx2w1%2BSD1Nhlfw2%2BqoEt7EMqGwUBNRxW2c9b373nZHE4ZJUOh2xCaRRcmaLYAmjcQdjtqrTC2ymMIO8bQk%2FcIJsdWo2vxCI1QrVmsqxIXg%2F9MZE6w%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=13377&sent=221&recv=74&lost=0&retrans=0&sent_bytes=248141&recv_bytes=8854&delivery_rate=1811197&cwnd=93600&unsent_bytes=0&cid=3b6e93ba10df4f61&ts=754&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 02 Nov 2024 02:56:34 GMT
content-type
image/png
last-modified
Wed, 09 Oct 2024 10:47:31 GMT
vary
Accept-Encoding
priority
u=2,i
cache-control
max-age=1200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8dc0da23ac6c9f8e-AMS
accept-ranges
bytes
content-length
12891
server
cloudflare
JtPyvpHw.webp
imgsaya.io/download/ 		371 KB
372 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgsaya.io/download/JtPyvpHw.webp
Requested by
Host: advicetosinkinslowly.net
URL: https://advicetosinkinslowly.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c3c5c1a15a6d18cdbb6f71c38db50e8fbb7bb9e8a524f5ee844795bb1795727
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://advicetosinkinslowly.net/

Response headers

ratelimit-remaining
249
cf-cache-status
REVALIDATED
etag
"20501a345bbe046d271cacd018672acc"
ratelimit-reset
1
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QlnVA%2BJTPzmOVjcEGhkRdiXirKi3MMdMBiSDtHOOHi2al8Au8xX55JNgTmwIn80cklZQSr022ESqXa2d2P3eRzLLOWjhCkxhCiJCUKAZ9koMyJe4aZF6CJHo1qsp"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-ratelimit-limit-second
250
x-proxy-cache
HIT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=12814&sent=11&recv=10&lost=0&retrans=0&sent_bytes=4136&recv_bytes=4459&delivery_rate=722&cwnd=12000&unsent_bytes=0&cid=dd68927ef6fd4cdf&ts=574&x=1", cfHdrFlush;dur=0
date
Sat, 02 Nov 2024 02:56:34 GMT
x-rgw-object-type
Normal
content-type
image/webp
last-modified
Tue, 06 Aug 2024 05:32:36 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16000000; includeSubDomains; preload;
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ratelimit-remaining-second
249
ratelimit-limit
250
x-amz-request-id
tx0000024d7622c5d7f8dcd-0066d5dc8f-a5038-default
cf-ray
8dc0da24bcb706ce-AMS
accept-ranges
bytes
access-control-allow-origin
*
content-length
379752
x-xss-protection
1; mode=block
server
cloudflare
amp-auto-lightbox-0.1.mjs
cdn.ampproject.org/rtv/012410161801000/v0/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012410161801000/v0/amp-auto-lightbox-0.1.mjs
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.mjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f1.1e100.net
Software
sffe /
Resource Hash
ac5e080a9de2c02b375c0db535bcbd442b4eac89932532661560029311fdfda9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://advicetosinkinslowly.net
Referer
https://advicetosinkinslowly.net/

Response headers

content-encoding
br
etag
"b8502452bfebf99a"
age
60054
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options
nosniff
expires
Sat, 01 Nov 2025 10:15:40 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 01 Nov 2024 10:15:40 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
content-length
2819
x-xss-protection
0
server
sffe
amp-loader-0.1.mjs
cdn.ampproject.org/rtv/012410161801000/v0/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012410161801000/v0/amp-loader-0.1.mjs
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.mjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f1.1e100.net
Software
sffe /
Resource Hash
df6f1dfd2d6a4c4f29fc8e1f954c3b451177703cb8518b03b0993acaeded5230
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://advicetosinkinslowly.net
Referer
https://advicetosinkinslowly.net/

Response headers

content-encoding
br
etag
"31d5abb8ef0b3a4f"
age
213738
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options
nosniff
expires
Thu, 30 Oct 2025 15:34:16 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 30 Oct 2024 15:34:16 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
content-length
3917
x-xss-protection
0
server
sffe
truncated
/ 		152 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ea4d2d0a14273348c41b259e556e98eb9e4e484876f09405a8d998ef8f293c7e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		149 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2acdbf0259b3538b9f9408713e13677daca0d9e77c3887031c618b9aa7fa28ce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml;charset=utf-8
bandar-toto-macau-togel.webp
imgsaya2.io/images/2024/10/09/ 		123 KB
124 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgsaya2.io/images/2024/10/09/bandar-toto-macau-togel.webp
Requested by
Host: advicetosinkinslowly.net
URL: https://advicetosinkinslowly.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3ddb3d21ac523b10e82271975a1809b600f74b89be0e62c8d0f173c925e2ff4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://advicetosinkinslowly.net/

Response headers

cache-control
max-age=1200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
HIT
etag
"1ed44-6240695733fba"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L%2F%2F3%2BFLy1Gadq4eA56Iic34Ion8BPUunu7z%2FAmhwRKigoHObMrxXXWINIP50cTYA5oT56svUlPwnDw2FpM9wTiJgce3xFprC6FCLknllDwwsdm9rTHRyUkZgxyJ%2FDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8dc0da24dd2b9f8e-AMS
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=13346&sent=91&recv=54&lost=0&retrans=0&sent_bytes=94477&recv_bytes=7960&delivery_rate=1110064&cwnd=52800&unsent_bytes=0&cid=3b6e93ba10df4f61&ts=402&x=1", cfExtPri, cfHdrFlush;dur=0
content-length
126276
date
Sat, 02 Nov 2024 02:56:34 GMT
last-modified
Wed, 09 Oct 2024 07:55:56 GMT
vary
Accept-Encoding
server
cloudflare
priority
u=3,i
Rajabandotfav.png
imgsaya2.io/images/2024/07/09/ 		49 KB
50 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://imgsaya2.io/images/2024/07/09/Rajabandotfav.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72c7dae87d05e3155ecae0aef02d2ddbf891c91574afa13169f13d66c49ca301

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://advicetosinkinslowly.net/

Response headers

cf-cache-status
HIT
etag
"c4e5-61cca23e9881e"
age
5436
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wYihy3%2F8vq3wQqFN2FjdmpJ7vxRFa7gRnOWIcyOfCkNXXCyNJGnCBBsT%2F9LHd1nbPrxI6fYCJ7GgrnMAAk%2BP1sp7pIcbcrrecUlySkhD7tToiZrQ%2B1OfkTo2ANSd7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=13313&sent=235&recv=77&lost=0&retrans=0&sent_bytes=262024&recv_bytes=9315&delivery_rate=1059160&cwnd=93600&unsent_bytes=0&cid=3b6e93ba10df4f61&ts=859&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 02 Nov 2024 02:56:34 GMT
content-type
image/png
last-modified
Tue, 09 Jul 2024 05:52:51 GMT
vary
Accept-Encoding
priority
u=1,i
cache-control
max-age=1200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8dc0da28dff39f8e-AMS
accept-ranges
bytes
content-length
50405
server
cloudflare
amp-lightbox-gallery-0.1.mjs
cdn.ampproject.org/rtv/012410161801000/v0/ 		56 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012410161801000/v0/amp-lightbox-gallery-0.1.mjs
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f1.1e100.net
Software
sffe /
Resource Hash
3183a3b9f77a90be6bf35f848cc37e2b59d87eeaed2e2ef2ac3c48825729da64
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://advicetosinkinslowly.net
Referer
https://advicetosinkinslowly.net/

Response headers

content-encoding
br
etag
"bc0cc865b6fec2ab"
age
212556
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options
nosniff
expires
Thu, 30 Oct 2025 15:53:58 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 30 Oct 2024 15:53:58 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
content-length
16864
x-xss-protection
0
server
sffe
Rajabandotfav.png
imgsaya2.io/images/2024/07/09/ 		49 KB
642 B 		Other
General
Check archive.org
Download Go to
Full URL
https://imgsaya2.io/images/2024/07/09/Rajabandotfav.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72c7dae87d05e3155ecae0aef02d2ddbf891c91574afa13169f13d66c49ca301

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://advicetosinkinslowly.net/

Response headers

cf-cache-status
HIT
etag
"c4e5-61cca23e9881e"
age
5436
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=edd3xkcKqVgRIU2whJd8X3CEwS8vpSfnxg1NdRh05CI9J7Vnr9ACIqHiZCM1bP3PVhPR9qPrpo5g6v3SWeR%2F1T2fwz7XwseAry19JjT2OgXAivFPLugfaFQPK02xjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=13286&sent=280&recv=83&lost=0&retrans=0&sent_bytes=314235&recv_bytes=9942&delivery_rate=2560387&cwnd=93600&unsent_bytes=0&cid=3b6e93ba10df4f61&ts=892&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 02 Nov 2024 02:56:34 GMT
content-type
image/png
last-modified
Tue, 09 Jul 2024 05:52:51 GMT
vary
Accept-Encoding
priority
u=1,i
cache-control
max-age=1200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8dc0da29081b9f8e-AMS
accept-ranges
bytes
content-length
50405
server
cloudflare

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| AMP object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG object| __AMP_ERRORS function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP__EXPERIMENT_TOGGLES object| __AMP_MODE boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

advicetosinkinslowly.net
afdah.pro
cdn.ampproject.org
chatgpt-apk.com
dartzgrupa.com
imgsaya.io
imgsaya2.io
the-constituent.com
www.hiltonsky.com
www.jerseygirl-movie.com
104.21.0.197
104.21.17.64
104.21.32.87
104.21.64.209
142.250.186.129
172.67.162.65
188.114.96.3
188.114.97.3
0ae73a7b55f88cd92ac63544aa533ebe1b48fe904564c2c3b18ba123b087f1a7
0eff859941223b1a5a17536f500f2be21b754e18df4b7de2eee99ce1e10138c7
2acdbf0259b3538b9f9408713e13677daca0d9e77c3887031c618b9aa7fa28ce
30701e604ead905f4bd813d40921098f1025d7e7846fc6d5865912c54d908166
3183a3b9f77a90be6bf35f848cc37e2b59d87eeaed2e2ef2ac3c48825729da64
5835b812908b67653a604b4ac6713ebca55c1fdcfa777a96ef4d112dab56daf2
6135fb9bc76250a8f91bbf718b8c6b3dcccaf10584fb76ec8741befd180dbd51
728a6f51caf67cbf0652c3074ef56768ca4b6e8b838ba0a369cf460e847d60e7
72c7dae87d05e3155ecae0aef02d2ddbf891c91574afa13169f13d66c49ca301
7c3c5c1a15a6d18cdbb6f71c38db50e8fbb7bb9e8a524f5ee844795bb1795727
8b725438c1c1f0a85d7c2b41d3fa8afc7866bf78963267731fac64f81f6a47ed
ac5e080a9de2c02b375c0db535bcbd442b4eac89932532661560029311fdfda9
ac63fa61e61c45bb2f5035a145f9d3dd1b5a9575d29f7040951f936642a435f2
ca04e0f86d3eaa2313bae993647bcfa16c8b7480e1f48a790b3b11f81937dc3a
d3ddb3d21ac523b10e82271975a1809b600f74b89be0e62c8d0f173c925e2ff4
dd95032c7e8506b3c35b84034130fa2d3ac15e448c4bd489716d50d664c94c33
df6f1dfd2d6a4c4f29fc8e1f954c3b451177703cb8518b03b0993acaeded5230
ea4d2d0a14273348c41b259e556e98eb9e4e484876f09405a8d998ef8f293c7e
f335a4cc41b640a617f68f0b0414353e9c9f2f81f2147064aa75afdb4d4039da